Overview

overview

7

Static

static

7

4c490d2247...KI.exe

windows7-x64

7

4c490d2247...KI.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    4c490d224709bdc2f3cd98bb25677b10_NEIKI

  • Size

    601KB

  • Sample

    240507-15gkysdd67

  • MD5

    4c490d224709bdc2f3cd98bb25677b10

  • SHA1

    51019fca759782a735a2e128e5d1ecca926ba90b

  • SHA256

    e11bc2981b403e9793dff1f9ce68328d1d5f49ac94e66d756033e051360ae1a1

  • SHA512

    124782cb110435af27cacd10f58a700054a13f5501ec40da698b5768be61927844714291f05d432c3ea7a29a84e0f045893b504ee256f27cba25069ab7b5a944

  • SSDEEP

    12288:0AOvjTd0qa1SJac/vhZHnUWuLGJb1uWGZeVBIcMfcY3ICIl:0zv3ra1Sgc/vfpHoWCeQDf/x4

Score
7/10
persistencespywarestealerupx

Malware Config

Targets

    • Target

      4c490d224709bdc2f3cd98bb25677b10_NEIKI

    • Size

      601KB

    • MD5

      4c490d224709bdc2f3cd98bb25677b10

    • SHA1

      51019fca759782a735a2e128e5d1ecca926ba90b

    • SHA256

      e11bc2981b403e9793dff1f9ce68328d1d5f49ac94e66d756033e051360ae1a1

    • SHA512

      124782cb110435af27cacd10f58a700054a13f5501ec40da698b5768be61927844714291f05d432c3ea7a29a84e0f045893b504ee256f27cba25069ab7b5a944

    • SSDEEP

      12288:0AOvjTd0qa1SJac/vhZHnUWuLGJb1uWGZeVBIcMfcY3ICIl:0zv3ra1Sgc/vfpHoWCeQDf/x4

    Score
    7/10
    persistencespywarestealerupx

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks